RECENT BLOG NEWS

Version 2.4.6 of the wolfSSL embedded SSL/TLS library has been released and is now available for download.  This release contains bug fixes and has a few new features including:

– ECC into main (GPLv2) version
– Lean PSK build (reduced code size, RAM usage, and stack usage)
– FreeBSD CRL monitor support
– wolfSSL_peek()
– wolfSSL_send() and wolfSSL_recv() for I/O flag setting
– CodeWarrior Support
– MQX / MFS / RTCS Support
– Freescale Kinetis support including Hardware RNG
– autoconf builds use jobserver
– cyassl-config
– Sniffer memory reductions

Thanks to Brian Aker for the improved autoconf system, make rpm, cyassl-config, warning system, and general good ideas for improving wolfSSL!

The Freescale Kinetis K70 RNGA documentation can be found in Chapter 37 of the K70 Sub-Family Reference Manual:
http://cache.freescale.com/files/microcontrollers/doc/ref_manual/K70P256M150SF3RM.pdf

To download the open source, GPLv2-licensed version of wolfSSL 2.4.6, please visit our Download Page.  If you have any questions or comments or would like more information on commercial versions of wolfSSL, please contact us at info@yassl.com.

For build instructions, a full feature list, API reference, and more, please see the wolfSSL Manual.

In case you didn`t notice, open source is growing rapidly in government usage.  OpensourceforAmerica.org is keeping a helpful list of resources and examples of how open source is both helping government and expanding in usage.  See:  http://opensourceforamerica.org/projects/mentors/resources/.  Our team is proud to participate in and support the growth of open source use in government and military projects!  If you`re wondering how the wolfSSL lightweight SSL implementation is used in government and defense projects, just contact us at info@yassl.com.

Last week we talked about wolfSSL’s custom I/O handling and how to set it up. The following discussion assumes the I/O callbacks are reading and writing into buffers rather calling send() or recv().

A tricky situation is during the handshake. When calling wolfSSL_connect(), the client will send cipher text first and try to receive a response from the server. The send callback will be called and then the receive callback, which will WANT_READ. Application code will have to actually send the first handshake message and wait for the response.

The server receives and sends in reaction. Its receive callback is called, then its send callback, then the receive which will WANT_READ. The application has to send the handshake message.

Both sides receive and send in reaction to each other. When the handshake hasn’t completed, calls to wolfSSL_read() and wolfSSL_send() call wolfSSL_negotiate() which will drive the handshaking. If things are set up right, a call to wolfSSL_read() may return WANT_READ and the cipher-send buffer will have data to be sent to the peer.

One of our favorite tools at yaSSL is valgrind: http://valgrind.org .  Originally a memory error detector, it`s now an instrumentation framework for dynamic analysis that also does thread error detection, cache and branch-prediction profiling, and heap profiling.  If you`ve never used it, you should.  If you are using it, you should probably be using it more.  

We recently added an –enable-valgrind option to the wolfSSL lightweight SSL library to encourage us to use it more ourselves.  If valgrind is installed on your system all of the wolfSSL tests will be run under it.  This allows early detection of difficult to track down errors.  The detailed output makes tracking down and fixing errors a relatively simple process.  

One of our community members recently ported CTaoCrypt’s RSA and ECC code to the TinOS operating system in a project called TinyPKC (http://www-db.in.tum.de/~kothmayr/tinypkc/). TinyPKC was tested on 16-bit and 32-bit microcontroller platforms and should run on 8-bit platforms as well. It supports ECC key lengths from 112 bits to 521 bits and arbitrary RSA key lengths.

TinyPKC uses a subset of the CTaoCrypt functionality and provides support for the following operations:

– RSA public key encryption / private key decryption
– RSA private key signature generation / public key signature verification
– ECDSA signature generation and verification
– ECDH operations

For more information, please see the TinyPKC website and the included README in the download. Are you interested in running the wolfSSL embedded SSL library on TinyOS? If so, contact us at info@yassl.com.

yaSSL believes that business and technology partnerships are one of the keys to fostering success.  Such partnerships can come in many forms – be that business, technical, or community based, and work for both open source or commercial solutions.  To date, we have partnered with several companies, and are always looking for new partnerships.  To see a list of our current partners, please visit our Partner Page (http://yassl.com/yaSSL/Partners.html).

Are you interested in becoming a partner with yaSSL?  If so, contact us at info@yassl.com for more information.

Hi!  This top ten list crossed our desk today and we thought it was worthwhile to share with our users.  Combating MITM attacks and properly implementing SSL/TLS are on the list again this year.  

https://www.darkreading.com/top-mobile-vulnerabilities-and-exploits-of-2012/d/d-id/1138833

wolfSSL provides a mechanism to plug in your own application specific I/O routines. By default, the library uses functions that call the system’s recv() and send() functions with a file descriptor cached with the function wolfSSL_set_fd().

The prototypes for the I/O routines are:

int CBIORecv(CYASSL* ssl, char* buf, int sz, void* ctx);
int CBIOSend(CYASSL* ssl, char* buf, int sz, void* ctx);

In the default case, the network socket’s file descriptor is passed to the I/O routine in the ctx parameter. The ssl parameter is a pointer to the current session. In the receive case, buf points to the buffer where incoming cipher text should be copied for wolfSSL to decrypt and sz is the size of the buffer. In the send case, buf points to the buffer where wolfSSL has written cipher text to be sent and sz is the size of that buffer.

First you need to register your I/O callbacks with the CYASSL_CTX for your application using the functions wolfSSL_SetIORecv() and wolfSSL_SetIOSend().

wolfSSL_SetIORecv(ctx, myCBIORecv);
wolfSSL_SetIOSend(ctx, myCBIOSend);

As an example, for your application you want to control the socket for your own purposes. An example would be to have a server with a datagram socket which receives data from multiple clients or processes TLS through STDIN and STDOUT. In this case you would have four buffers:

cipher-receive encrypted data received from peer
cipher-send encrypted data to send to peer
clear-receive clear data received from wolfSSL
clear-send clear data passed to wolfSSL

Pointers to these buffers, values for their sizes, and read and write positions should be placed into a structure. This structure should be saved to the wolfSSL session with the functions wolfSSL_SetIOReadCtx() and wolfSSL_SetIOWriteCtx().

wolfSSL_SetIOReadCtx(ssl, buffer_data);
wolfSSL_SetIOWriteCtx(ssl, buffer_data);

The application receives a block of cipher text into the buffer cipher-receive. Next the application would call wolfSSL_read(ssl, buffer_data->clear_receive), causing wolfSSL to call myCBIORecv(). myCBIORecv() will be given a buffer, the size of the buffer, and the ctx, which has the cipher-receive buffer. The callback may be called many times for one call to wolfSSL_read(). If the cipher-receive buffer is empty, the callback should return -2, otherwise it should return the number of bytes copied into buf.

When the library wants to send data, like during handshaking or when wolfSSL_send() is called with some clear text, the library will call myCBIOSend(). The callback is given a buffer full of encrypted data, and the length of the encrypted data. In this example, the callback would copy this cipher text into cipher-send and return the number of bytes copied. If the cipher-send buffer isn’t big enough, the callback should return -2.

Choosing a good hash function for a hash table is difficult to say the least.  Even if you can achieve good distribution and performance for a given hash function it`s still most likely dependent on table size and the type of input.  Resizing the table or getting unexpected input can quickly turn an otherwise good choice into a bad one.  Using a cryptographic hash function reduces nearly all of the problems.  Any and all table sizes are now equally supported.  Strings, numbers, and even binary data are all valid input.  And since a change in a single bit of input has an avalanche effect on the output, uniform distribution is achieved.  Really, the only possible negative is performance.  But it`s not nearly as bad as you probably think.  

We tested 100 bytes of random data and did the test 1,000,000 times using the hash functions MD5, SHA1, and a typical MULTIPLIER type hash function.  Of course the basic hash function was the fastest at 0.66 microseconds per hash.  MD5 used 0.78 microseconds per hash while SHA1 consumed 1.02 microseconds per hash.  All in all, the small hit in performance seems well worth the gains in being able to use variable table sizes and any type of input without concern.  Testing was done using wolfSSL`s cryptography functionality in the CTaoCrypt module.

Are you interested in using the wolfSSL lightweight SSL library on the Green Hills INTEGRITY RTOS? Although wolfSSL doesn’t currently have INTEGRITY support, we would like to gauge user and community interest to help us plan our schedule for the upcoming year. If you would like to see INTEGRITY support added to wolfSSL, please let us know at info@yassl.com.

From Wikipedia, INTEGRITY “is royalty-free, POSIX-certified, and intended for use in embedded systems needing reliability, availability, and fault tolerance. It is built atop the velOSity microkernel and is intended mainly for modern 32- or 64-bit embedded system designs that support an MMU.” To learn more about INTEGRITY, please visit the Green Hills website, here: http://www.ghs.com/products/rtos/integrity.html.